yanistyle/podkop
1
0
Fork 0
mirror of https://github.com/itdoginfo/podkop.git synced 2026-06-10 21:38:15 +03:00
Code Issues Packages Projects Releases 1 Wiki Activity

Compare commits

base: yanistyle:0.7.18
Branches Tags
yanistyle:main yanistyle:nftsets
yanistyle:0.7.19 yanistyle:0.7.18 yanistyle:0.7.17 yanistyle:0.7.16 yanistyle:0.7.15 yanistyle:0.7.14 yanistyle:0.7.13 yanistyle:0.7.12 yanistyle:0.7.11 yanistyle:0.7.10 yanistyle:0.7.9 yanistyle:0.7.8 yanistyle:0.7.7 yanistyle:0.7.6 yanistyle:0.7.5 yanistyle:0.7.4 yanistyle:0.7.3 yanistyle:0.7.2 yanistyle:0.7.1 yanistyle:0.7.0 yanistyle:0.6.2 yanistyle:v0.6.1 yanistyle:v0.6.0 yanistyle:v0.5.8 yanistyle:v0.5.7 yanistyle:v0.5.6 yanistyle:v0.5.5 yanistyle:v0.5.4 yanistyle:v0.5.3 yanistyle:v0.5.2 yanistyle:v0.5.1 yanistyle:v0.5.0 yanistyle:v0.4.11 yanistyle:v0.4.10 yanistyle:v0.4.9 yanistyle:v0.4.8 yanistyle:v0.4.7 yanistyle:v0.4.6 yanistyle:v0.4.5 yanistyle:v0.4.4 yanistyle:v0.4.3 yanistyle:v0.4.2 yanistyle:v0.4.1 yanistyle:v0.4.0 yanistyle:v0.3.50 yanistyle:v0.3.49 yanistyle:v0.3.48 yanistyle:v0.3.47 yanistyle:v0.3.46 yanistyle:v0.3.45 yanistyle:v0.3.44 yanistyle:v0.3.43 yanistyle:v0.3.42 yanistyle:v0.3.41 yanistyle:v0.3.40 yanistyle:v0.3.39 yanistyle:v0.3.38 yanistyle:v0.3.37 yanistyle:v0.3.36 yanistyle:v0.3.35 yanistyle:v0.3.34 yanistyle:v0.3.33 yanistyle:v0.3.32 yanistyle:v0.3.31 yanistyle:v0.3.30 yanistyle:v0.3.29 yanistyle:v0.3.28 yanistyle:v0.3.27 yanistyle:v0.3.26 yanistyle:v0.3.25 yanistyle:v0.3.24 yanistyle:v0.3.23 yanistyle:v0.3.22 yanistyle:v0.3.21 yanistyle:v0.3.20 yanistyle:v0.3.19 yanistyle:v0.3.18 yanistyle:v0.3.17 yanistyle:v0.3.16 yanistyle:v0.3.15 yanistyle:v0.3.14 yanistyle:v0.3.13 yanistyle:v0.3.12 yanistyle:v0.3.11 yanistyle:v0.3.10 yanistyle:v0.3.9 yanistyle:v0.3.8 yanistyle:v0.3.7 yanistyle:v0.3.6 yanistyle:v0.3.5 yanistyle:v0.3.4 yanistyle:v0.3.3 yanistyle:v0.3.2 yanistyle:v0.3.1 yanistyle:v0.3.0 yanistyle:v0.2.5 yanistyle:v0.2.4 yanistyle:v0.2.3 yanistyle:v0.2.2 yanistyle:v0.2.1 yanistyle:v0.2.0 yanistyle:v0.1.9 yanistyle:v0.1.8 yanistyle:v0.1.7 yanistyle:v0.1.6 yanistyle:v0.1.5 yanistyle:v0.1.4 yanistyle:v0.1.3 yanistyle:v0.1.2 yanistyle:v0.1.1 yanistyle:v0.1.0
..
compare: yanistyle:main
Branches Tags
yanistyle:main yanistyle:nftsets
yanistyle:0.7.19 yanistyle:0.7.18 yanistyle:0.7.17 yanistyle:0.7.16 yanistyle:0.7.15 yanistyle:0.7.14 yanistyle:0.7.13 yanistyle:0.7.12 yanistyle:0.7.11 yanistyle:0.7.10 yanistyle:0.7.9 yanistyle:0.7.8 yanistyle:0.7.7 yanistyle:0.7.6 yanistyle:0.7.5 yanistyle:0.7.4 yanistyle:0.7.3 yanistyle:0.7.2 yanistyle:0.7.1 yanistyle:0.7.0 yanistyle:0.6.2 yanistyle:v0.6.1 yanistyle:v0.6.0 yanistyle:v0.5.8 yanistyle:v0.5.7 yanistyle:v0.5.6 yanistyle:v0.5.5 yanistyle:v0.5.4 yanistyle:v0.5.3 yanistyle:v0.5.2 yanistyle:v0.5.1 yanistyle:v0.5.0 yanistyle:v0.4.11 yanistyle:v0.4.10 yanistyle:v0.4.9 yanistyle:v0.4.8 yanistyle:v0.4.7 yanistyle:v0.4.6 yanistyle:v0.4.5 yanistyle:v0.4.4 yanistyle:v0.4.3 yanistyle:v0.4.2 yanistyle:v0.4.1 yanistyle:v0.4.0 yanistyle:v0.3.50 yanistyle:v0.3.49 yanistyle:v0.3.48 yanistyle:v0.3.47 yanistyle:v0.3.46 yanistyle:v0.3.45 yanistyle:v0.3.44 yanistyle:v0.3.43 yanistyle:v0.3.42 yanistyle:v0.3.41 yanistyle:v0.3.40 yanistyle:v0.3.39 yanistyle:v0.3.38 yanistyle:v0.3.37 yanistyle:v0.3.36 yanistyle:v0.3.35 yanistyle:v0.3.34 yanistyle:v0.3.33 yanistyle:v0.3.32 yanistyle:v0.3.31 yanistyle:v0.3.30 yanistyle:v0.3.29 yanistyle:v0.3.28 yanistyle:v0.3.27 yanistyle:v0.3.26 yanistyle:v0.3.25 yanistyle:v0.3.24 yanistyle:v0.3.23 yanistyle:v0.3.22 yanistyle:v0.3.21 yanistyle:v0.3.20 yanistyle:v0.3.19 yanistyle:v0.3.18 yanistyle:v0.3.17 yanistyle:v0.3.16 yanistyle:v0.3.15 yanistyle:v0.3.14 yanistyle:v0.3.13 yanistyle:v0.3.12 yanistyle:v0.3.11 yanistyle:v0.3.10 yanistyle:v0.3.9 yanistyle:v0.3.8 yanistyle:v0.3.7 yanistyle:v0.3.6 yanistyle:v0.3.5 yanistyle:v0.3.4 yanistyle:v0.3.3 yanistyle:v0.3.2 yanistyle:v0.3.1 yanistyle:v0.3.0 yanistyle:v0.2.5 yanistyle:v0.2.4 yanistyle:v0.2.3 yanistyle:v0.2.2 yanistyle:v0.2.1 yanistyle:v0.2.0 yanistyle:v0.1.9 yanistyle:v0.1.8 yanistyle:v0.1.7 yanistyle:v0.1.6 yanistyle:v0.1.5 yanistyle:v0.1.4 yanistyle:v0.1.3 yanistyle:v0.1.2 yanistyle:v0.1.1 yanistyle:v0.1.0

2 Commits
0.7.18 ... main

Author SHA1 Message Date
Kirill Sobakin
de7b73af3c Merge pull request #384 from itdoginfo/fix/dnat 
fix: skip connections with DNAT status in NFT mangle chain
 2026-06-01 12:22:26 +03:00
Andrey Petelin
3c34bd1fd0 fix: skip connections with DNAT status in NFT mangle chain 2026-06-01 14:11:14 +05:00
1 changed files with 1 additions and 0 deletions
Expand all files Collapse all files

1
podkop/files/usr/bin/podkop
View File

@@ -312,6 +312,7 @@ create_nft_rules() {
nft add chain inet "$NFT_TABLE_NAME" mangle_output '{ type route hook output priority -150; policy accept; }' nft add chain inet "$NFT_TABLE_NAME" mangle_output '{ type route hook output priority -150; policy accept; }'
nft add chain inet "$NFT_TABLE_NAME" proxy '{ type filter hook prerouting priority -100; policy accept; }' nft add chain inet "$NFT_TABLE_NAME" proxy '{ type filter hook prerouting priority -100; policy accept; }'
nft add rule inet "$NFT_TABLE_NAME" mangle ct status dnat return
nft add rule inet "$NFT_TABLE_NAME" mangle iifname "@$NFT_INTERFACE_SET_NAME" ip daddr "@$NFT_COMMON_SET_NAME" meta l4proto tcp meta mark set "$NFT_FAKEIP_MARK" counter nft add rule inet "$NFT_TABLE_NAME" mangle iifname "@$NFT_INTERFACE_SET_NAME" ip daddr "@$NFT_COMMON_SET_NAME" meta l4proto tcp meta mark set "$NFT_FAKEIP_MARK" counter
nft add rule inet "$NFT_TABLE_NAME" mangle iifname "@$NFT_INTERFACE_SET_NAME" ip daddr "@$NFT_COMMON_SET_NAME" meta l4proto udp meta mark set "$NFT_FAKEIP_MARK" counter nft add rule inet "$NFT_TABLE_NAME" mangle iifname "@$NFT_INTERFACE_SET_NAME" ip daddr "@$NFT_COMMON_SET_NAME" meta l4proto udp meta mark set "$NFT_FAKEIP_MARK" counter
nft add rule inet "$NFT_TABLE_NAME" mangle iifname "@$NFT_INTERFACE_SET_NAME" ip daddr "$SB_FAKEIP_INET4_RANGE" meta l4proto tcp meta mark set "$NFT_FAKEIP_MARK" counter nft add rule inet "$NFT_TABLE_NAME" mangle iifname "@$NFT_INTERFACE_SET_NAME" ip daddr "$SB_FAKEIP_INET4_RANGE" meta l4proto tcp meta mark set "$NFT_FAKEIP_MARK" counter